Security Bulletin: IBM QRadar Security Information and Event Manager (SIEM) can be affected by a command injection vulnerability (CVE-2013-2970)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtmedium psirtsecurity
0 Comments | 1,413 Visits
A vulnerability has been discovered within the IBM QRadar SIEM software that allows an authenticated user to execute limited operating system commands on the QRadar device and gain limited remote shell access.
AFFECTED PRODUCTS AND VERSIONS:
Refer to the following reference URLs for remediation and additional vulnerability details.
X-Force Database: http://xforce.iss.net/xforce/xfdb/83872